Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/8b856a-38ae-4cfb-81d2-271a9576eae7/1/8c-C1cKrS9vrEHHyduDpxBWUdn0.roa
File: 8c-C1cKrS9vrEHHyduDpxBWUdn0.roa (raw, json)
Hash identifier: FTOpIZK5tyefkmNU2LUaQ9tagbXfcmBK67esQmwstIE=
Subject key identifier: F1:CF:82:D5:C2:AB:4B:DB:EB:10:71:F2:76:E0:E9:C4:15:94:76:7D
Certificate issuer: /CN=2eeec5231d212b310579d78fc41479ca6ec2aa07
Certificate serial: 018CC3495F8BCD006A361969EA62160B6E8B
Authority key identifier: 2E:EE:C5:23:1D:21:2B:31:05:79:D7:8F:C4:14:79:CA:6E:C2:AA:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Lu7FIx0hKzEFedePxBR5ym7Cqgc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/8b856a-38ae-4cfb-81d2-271a9576eae7/1/8c-C1cKrS9vrEHHyduDpxBWUdn0.roa
Signing time: Mon 01 Jan 2024 04:30:14 +0000
ROA not before: Mon 01 Jan 2024 04:30:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58002
IP address blocks: 37.208.64.0/20 maxlen: 20
77.247.232.0/21 maxlen: 21
77.247.237.0/29 maxlen: 29
92.241.0.0/19 maxlen: 19
2a00:c9c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/8b856a-38ae-4cfb-81d2-271a9576eae7/1/Lu7FIx0hKzEFedePxBR5ym7Cqgc.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/8b856a-38ae-4cfb-81d2-271a9576eae7/1/Lu7FIx0hKzEFedePxBR5ym7Cqgc.mft
rsync://rpki.ripe.net/repository/DEFAULT/Lu7FIx0hKzEFedePxBR5ym7Cqgc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:5f:8b:cd:00:6a:36:19:69:ea:62:16:0b:6e:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2eeec5231d212b310579d78fc41479ca6ec2aa07
Validity
Not Before: Jan 1 04:30:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f1cf82d5c2ab4bdbeb1071f276e0e9c41594767d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:0f:fa:79:b6:cf:40:88:a7:26:52:d6:60:0a:
fb:9d:29:3f:bc:cb:e2:84:45:dc:6a:7c:8b:23:55:
2a:a5:bf:21:46:aa:d1:17:91:88:98:92:27:15:85:
08:f9:fc:d3:e0:d4:04:6e:3a:e8:9a:a0:01:38:5b:
2f:1d:7e:33:49:45:5f:71:d8:53:69:00:28:52:8a:
fb:a0:5f:2e:4e:81:df:f8:d1:d2:e1:46:04:94:8d:
e1:ba:34:db:98:68:25:eb:74:e5:c7:91:b5:d6:f8:
45:cd:9d:1b:65:aa:62:d2:61:c1:02:07:52:9d:2a:
e6:2f:da:c6:d7:3e:c3:e8:cc:08:a4:77:9a:ce:01:
ea:18:59:bf:f5:43:13:ca:e9:13:e5:c6:a8:10:d8:
ec:1c:d2:c4:ef:67:ff:0b:33:ec:ba:81:f9:f6:33:
c5:ed:3c:7e:d0:73:d8:1f:b0:e5:e3:a8:d4:3a:cd:
30:bf:da:b6:3f:2f:30:71:b8:7c:37:64:c3:00:cf:
c0:45:50:11:36:4e:aa:dc:a9:e8:c0:db:78:a9:fc:
a8:ea:36:d5:40:51:9a:04:73:6c:dc:39:67:24:9c:
80:1a:92:2b:5a:84:f2:47:03:7e:a0:25:be:cc:3d:
54:f5:ef:b3:3a:3a:b9:24:ef:4e:8d:b5:36:8f:73:
d6:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:CF:82:D5:C2:AB:4B:DB:EB:10:71:F2:76:E0:E9:C4:15:94:76:7D
X509v3 Authority Key Identifier:
keyid:2E:EE:C5:23:1D:21:2B:31:05:79:D7:8F:C4:14:79:CA:6E:C2:AA:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lu7FIx0hKzEFedePxBR5ym7Cqgc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/8b856a-38ae-4cfb-81d2-271a9576eae7/1/8c-C1cKrS9vrEHHyduDpxBWUdn0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/8b856a-38ae-4cfb-81d2-271a9576eae7/1/Lu7FIx0hKzEFedePxBR5ym7Cqgc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.208.64.0/20
77.247.232.0/21
92.241.0.0/19
IPv6:
2a00:c9c0::/32
Signature Algorithm: sha256WithRSAEncryption
03:fc:f1:d9:3e:27:2f:28:a0:fe:d5:c3:98:c9:64:78:37:9d:
10:0f:67:9d:1c:0e:f2:78:20:25:68:3b:0a:cd:d0:3c:5d:37:
37:bf:d7:6a:e1:52:a8:2e:b8:11:c7:5e:d2:9f:29:25:5c:d3:
f1:a2:f2:9d:1c:41:99:db:97:69:f4:cf:f7:87:6d:33:b9:e7:
19:26:2e:c1:a4:de:98:41:42:51:02:13:32:9b:68:e8:66:19:
e5:98:f2:ea:6c:95:d0:cb:df:d4:f7:20:ed:10:0b:64:c4:af:
be:dc:93:c9:70:1a:24:7f:d1:4b:b7:18:12:f1:3b:a0:f1:be:
29:78:ad:c5:97:f5:64:e1:1f:4c:24:34:44:8a:6d:4f:c3:39:
a6:77:05:14:07:ba:67:f0:cb:d8:93:a2:b1:29:2a:60:5c:6d:
ed:cb:ee:e5:f0:da:4a:c8:60:79:06:d7:b0:00:40:3c:de:47:
47:8c:3d:61:23:13:31:e1:5f:6d:d6:6f:6c:be:28:f3:93:d2:
a2:39:0a:f9:32:24:72:06:e5:32:49:ff:fa:21:8d:9d:71:0b:
4b:21:e3:72:2f:54:71:2f:6d:e1:b9:75:db:93:e7:b0:bb:02:
25:28:57:4a:4e:98:c8:7c:2d:72:3b:4c:43:53:a2:a0:49:1f:
58:77:b9:5e
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzDSV+LzQBqNhlp6mIWC26LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlZWVjNTIzMWQyMTJiMzEwNTc5ZDc4ZmM0MTQ3OWNhNmVj
MmFhMDcwHhcNMjQwMTAxMDQzMDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWNmODJkNWMyYWI0YmRiZWIxMDcxZjI3NmUwZTljNDE1OTQ3NjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiQ/6ebbPQIinJlLWYAr7nSk/vMvi
hEXcanyLI1Uqpb8hRqrRF5GImJInFYUI+fzT4NQEbjromqABOFsvHX4zSUVfcdhT
aQAoUor7oF8uToHf+NHS4UYElI3hujTbmGgl63Tlx5G11vhFzZ0bZapi0mHBAgdS
nSrmL9rG1z7D6MwIpHeazgHqGFm/9UMTyukT5caoENjsHNLE72f/CzPsuoH59jPF
7Tx+0HPYH7Dl46jUOs0wv9q2Py8wcbh8N2TDAM/ARVARNk6q3KnowNt4qfyo6jbV
QFGaBHNs3DlnJJyAGpIrWoTyRwN+oCW+zD1U9e+zOjq5JO9OjbU2j3PWAQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFPHPgtXCq0vb6xBx8nbg6cQVlHZ9MB8GA1UdIwQY
MBaAFC7uxSMdISsxBXnXj8QUecpuwqoHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHU3Rkl4MGhLekVGZWRlUHhCUjV5bTdDcWdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84Yjg1NmEtMzhhZS00Y2ZiLTgxZDIt
MjcxYTk1NzZlYWU3LzEvOGMtQzFjS3JTOXZyRUhIeWR1RHB4QldVZG4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84Yjg1NmEtMzhhZS00Y2ZiLTgxZDItMjcxYTk1NzZlYWU3
LzEvTHU3Rkl4MGhLekVGZWRlUHhCUjV5bTdDcWdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQEJdBAAwQD
TffoAwQFXPEAMA0EAgACMAcDBQAqAMnAMA0GCSqGSIb3DQEBCwUAA4IBAQAD/PHZ
PicvKKD+1cOYyWR4N50QD2edHA7yeCAlaDsKzdA8XTc3v9dq4VKoLrgRx17Snykl
XNPxovKdHEGZ25dp9M/3h20zuecZJi7BpN6YQUJRAhMym2joZhnlmPLqbJXQy9/U
9yDtEAtkxK++3JPJcBokf9FLtxgS8Tug8b4peK3Fl/Vk4R9MJDREim1PwzmmdwUU
B7pn8MvYk6KxKSpgXG3ty+7l8NpKyGB5BtewAEA83kdHjD1hIxMx4V9t1m9svijz
k9KiOQr5MiRyBuUySf/6IY2dcQtLIeNyL1RxL23huXXbk+ewuwIlKFdKTpjIfC1y
O0xDU6KgSR9Yd7le
-----END CERTIFICATE-----
Generated at Sat Jun 8 05:25:17 2024 by rpki-client on console-fra.rpki-client.org